I have done some research on my own but wasnt successful. i am just getting started with security stuff in terms of system hacking. I am a network engineer (cisco based) and have a good knowledge of networks and related protocols.

What currently interests me, is windows xp (with sp4 and other patches uptodate) is still exploitable. Can we still use pass the hash attack to exploit the machine ?

I know i should have tried it first but just wanted to get some feedback from you guys :-)

I saw the mention of SP4, and more or less ignored this one. If someone doesn't even know SP4 doesn't exist (or do the research to find out,) it's not worth the time to respond, IMHO.

Regarding that EOL, though, we ALL know there will still be plenty of attack surface, of XP, even after that date, as businesses just don't care, sometimes. Good security posture would suggest staying on a current, patched OS, but I speak for many pentesters who know, for fact, that it's just not followed, religiously, if it's even in many companies' plans, at all.

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

It's a battle I fight daily. Power systems were developed for reliability and safety, not to be secure. Then this cool thing called Ethernet showed up that required no skill to configure....fast forward 20 years and now there's just alot more of it except the business people now want data from the control systems to make decisions..... No problem "just plug that in over there" LOL

Add remote access and regulatory monitoring to that mix, followed, as you noted, by extreme lack of security planning on even a basic OS level, and you have your work cut out for you. I feel your pain. :-(

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

I am very sorry. It wasnt a typo but i remembered sp3 as sp4, my bad. Sorry for my stupid mistake.

Basically what i wanted to ask is, with firewall enabled, and all the updates released so far XP, is pass the hash attack still successful. At my home pc, i tried using VMs but it didnt work. So is my pc secure OS wise in terms of pass the hash attack ? has anyone tried with all the patches installed ?

I am asking this to make sure i didnt made any mistake while doing the attack. Need your confirmation in this